|
289731
|
- |
|
openstack
|
swift
|
The TempURL middleware in OpenStack Object Storage (Swift) 1.4.6 through 1.8.0, 1.9.0 through 1.10.0, and 1.11.0 allows remote attackers to obtain secret URLs by leveraging an object name and a timin…
|
CWE-200
Information Exposure
|
CVE-2014-0006
|
2024-11-21 11:01 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289732
|
- |
|
moodle
fedoraproject
|
moodle
fedora
|
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allo…
|
CWE-352
Origin Validation Error
|
CVE-2014-0010
|
2024-11-21 11:01 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289733
|
- |
|
moodle
|
moodle
|
course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 does not enforce the moodle/site:accessallgroups capability requiremen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0009
|
2024-11-21 11:01 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289734
|
- |
|
moodle
|
moodle
|
lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitiv…
|
CWE-255
Credentials Management
|
CVE-2014-0008
|
2024-11-21 11:01 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289735
|
- |
|
microsoft
|
windows_7
|
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Server 2008 R2 SP1 does not properly consider thread-owned objects during the processing of window handles, which allows local use…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0262
|
2024-11-21 11:01 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289736
|
- |
|
microsoft
|
dynamics_ax
|
Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) inst…
|
CWE-20
Improper Input Validation
|
CVE-2014-0261
|
2024-11-21 11:01 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289737
|
- |
|
microsoft
|
sharepoint_server
word
office_web_apps
office_web_apps_server
office_compatibility_pack
word_viewer
|
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0260
|
2024-11-21 11:01 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289738
|
- |
|
microsoft
|
office_compatibility_pack
word
|
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Me…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0259
|
2024-11-21 11:01 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289739
|
- |
|
microsoft
|
word
office_compatibility_pack
word_viewer
|
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Of…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0258
|
2024-11-21 11:01 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289740
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS Human Resources component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown…
|
NVD-CWE-noinfo
|
CVE-2014-0388
|
2024-11-21 11:01 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
